X509ChainStatusFlags X509ChainStatusFlags X509ChainStatusFlags X509ChainStatusFlags Enum


定义一个 X509 链的状态。Defines the status of an X509 chain.

此枚举有一个 FlagsAttribute 属性,允许按位组合成员值。

public enum class X509ChainStatusFlags
public enum X509ChainStatusFlags
type X509ChainStatusFlags = 
Public Enum X509ChainStatusFlags


CtlNotSignatureValid CtlNotSignatureValid CtlNotSignatureValid CtlNotSignatureValid 262144

将证书信任列表 (CTL) 指定为包含无效签名。Specifies that the certificate trust list (CTL) contains an invalid signature.

CtlNotTimeValid CtlNotTimeValid CtlNotTimeValid CtlNotTimeValid 131072

将证书信任列表 (CTL) 指定为因时间值(如表明 CTL 已过期的值)无效而无效。Specifies that the certificate trust list (CTL) is not valid because of an invalid time value, such as one that indicates that the CTL has expired.

CtlNotValidForUsage CtlNotValidForUsage CtlNotValidForUsage CtlNotValidForUsage 524288

将证书信任列表 (CTL) 指定为对该使用无效。Specifies that the certificate trust list (CTL) is not valid for this use.

Cyclic Cyclic Cyclic Cyclic 128

将 X509 链指定为无法生成。Specifies that the X509 chain could not be built.

ExplicitDistrust ExplicitDistrust ExplicitDistrust ExplicitDistrust 67108864

将证书指定为显式不受信任。Specifies that the certificate is explicitly distrusted.

HasExcludedNameConstraint HasExcludedNameConstraint HasExcludedNameConstraint HasExcludedNameConstraint 32768

将 X509 链指定为因证书排除了名称约束而无效。Specifies that the X509 chain is invalid because a certificate has excluded a name constraint.

HasNotDefinedNameConstraint HasNotDefinedNameConstraint HasNotDefinedNameConstraint HasNotDefinedNameConstraint 8192

将证书指定为具有未定义的名称约束。Specifies that the certificate has an undefined name constraint.

HasNotPermittedNameConstraint HasNotPermittedNameConstraint HasNotPermittedNameConstraint HasNotPermittedNameConstraint 16384

将证书指定为具有不受许可的名称约束。Specifies that the certificate has an impermissible name constraint.

HasNotSupportedCriticalExtension HasNotSupportedCriticalExtension HasNotSupportedCriticalExtension HasNotSupportedCriticalExtension 134217728

将证书指定为不支持关键扩展。Specifies that the certificate does not support a critical extension.

HasNotSupportedNameConstraint HasNotSupportedNameConstraint HasNotSupportedNameConstraint HasNotSupportedNameConstraint 4096

将证书指定为不具有受支持的名称约束或具有的名称约束不受支持。Specifies that the certificate does not have a supported name constraint or has a name constraint that is unsupported.

HasWeakSignature HasWeakSignature HasWeakSignature HasWeakSignature 1048576

将证书指定为未经强签名。Specifies that the certificate has not been strong signed. 这通常指示 MD2 或 MD5 哈希算法被用于创建证书的哈希。Typically, this indicates that the MD2 or MD5 hashing algorithms were used to create a hash of the certificate.

InvalidBasicConstraints InvalidBasicConstraints InvalidBasicConstraints InvalidBasicConstraints 1024

将 X509 链指定为因基本约束无效而无效。Specifies that the X509 chain is invalid due to invalid basic constraints.

InvalidExtension InvalidExtension InvalidExtension InvalidExtension 256

将 X509 链指定为因扩展无效而无效。Specifies that the X509 chain is invalid due to an invalid extension.

InvalidNameConstraints InvalidNameConstraints InvalidNameConstraints InvalidNameConstraints 2048

将 X509 链指定为因名称约束无效而无效。Specifies that the X509 chain is invalid due to invalid name constraints.

InvalidPolicyConstraints InvalidPolicyConstraints InvalidPolicyConstraints InvalidPolicyConstraints 512

将 X509 链指定为因策略约束无效而无效。Specifies that the X509 chain is invalid due to invalid policy constraints.

NoError NoError NoError NoError 0

将 X509 链指定为无错误。Specifies that the X509 chain has no errors.

NoIssuanceChainPolicy NoIssuanceChainPolicy NoIssuanceChainPolicy NoIssuanceChainPolicy 33554432

指定在证书中不存在证书策略扩展。Specifies that there is no certificate policy extension in the certificate. 如果组策略已指定所有证书都必须具有证书策略,则会发生此错误。This error would occur if a group policy has specified that all certificates must have a certificate policy.

NotSignatureValid NotSignatureValid NotSignatureValid NotSignatureValid 8

将 X509 链指定为因证书签名无效而无效。Specifies that the X509 chain is invalid due to an invalid certificate signature.

NotTimeNested NotTimeNested NotTimeNested NotTimeNested 2

已否决。Deprecated. 将 CA(证书颁发机构)证书和已颁发证书指定为具有不嵌套的有效期。Specifies that the CA (certificate authority) certificate and the issued certificate have validity periods that are not nested. 例如,CA 证书的有效期可为 1 月 1 日至 12 月 1 日,而颁发证书的有效期为 1 月 2 日至 12 月 2 日,这就意味着有效期不嵌套。For example, the CA cert can be valid from January 1 to December 1 and the issued certificate from January 2 to December 2, which would mean the validity periods are not nested.

NotTimeValid NotTimeValid NotTimeValid NotTimeValid 1

将 X509 链指定为因无效时间值(如表明证书已过期的值)而无效。Specifies that the X509 chain is not valid due to an invalid time value, such as a value that indicates an expired certificate.

NotValidForUsage NotValidForUsage NotValidForUsage NotValidForUsage 16

将密钥用法指定为无效。Specifies that the key usage is not valid.

OfflineRevocation OfflineRevocation OfflineRevocation OfflineRevocation 16777216

将 X509 链依赖的联机证书吊销列表 (CRL) 指定为当前处于脱机状态。Specifies that the online certificate revocation list (CRL) the X509 chain relies on is currently offline.

PartialChain PartialChain PartialChain PartialChain 65536

将 X509 链指定为无法生成至根证书。Specifies that the X509 chain could not be built up to the root certificate.

RevocationStatusUnknown RevocationStatusUnknown RevocationStatusUnknown RevocationStatusUnknown 64

指定无法确定证书是否已吊销。Specifies that it is not possible to determine whether the certificate has been revoked. 这可能是由于证书吊销列表 (CRL) 脱机或不可用。This can be due to the certificate revocation list (CRL) being offline or unavailable.

Revoked Revoked Revoked Revoked 4

将 X509 链指定为因证书吊销而无效。Specifies that the X509 chain is invalid due to a revoked certificate.

UntrustedRoot UntrustedRoot UntrustedRoot UntrustedRoot 32

将 X509 链指定为因根证书不受信任而无效。Specifies that the X509 chain is invalid due to an untrusted root certificate.


此枚举与X509ChainStatus结构ChainStatus和属性结合使用。This enumeration is used in conjunction with the X509ChainStatus structure and the ChainStatus property.

在中引入.NET Framework 4.6.1.NET Framework 4.6.1了标志 ExplicitDistrust、HasNotSupportedCriticalExtension 和 HasWeakSignature。The flags ExplicitDistrust, HasNotSupportedCriticalExtension and HasWeakSignature were introduced with the .NET Framework 4.6.1.NET Framework 4.6.1.